Having just spouted on about snaps/flatpak I saw on the roadmap for AWS Firecracker that snap support is to be included. Sorry that I am conflating snap and flatpak.
On Tue, 23 Jul 2019 at 07:06, John Hearns <hear...@googlemail.com> wrote: > Having used Snaps on Ubuntu - which seems to be their preferred method of > distributing some applications, > I have a slightly different take on the containerisation angle and would > de-emphaise that. > > My take is that snaps/flatpak attack the "my distro ships with gcc version > 4.1 but I need gcc version 8.0" > By that I mean that you replace the distro shipped gcc version at your > peril - as far as I am concerned tiknering > with the tested/approved gcc and glibc will end you in a world of hurt. > (old war story - changing bash to an upgraded version left a big SuSE > system unbootable for me). > > So with snaps/flatpak you should be able to give your users and developers > up to date applications without fooling with > the core system utilities. And this is a Good Thing (TM) > > > > > > > > On Tue, 23 Jul 2019 at 06:47, Chris Samuel <ch...@csamuel.org> wrote: > >> On 22/7/19 10:40 pm, Jonathan Aquilina wrote: >> >> > So in a nut shell this is taking dockerization/ containerization and >> > making it more for the every day Linux user instead of the HPC user? >> >> I don't think this goes as far as containers with isolation, as I think >> that's not what they're trying to do. But it does seem they're thinking >> along those lines. >> >> > It would be interesting to have a distro built around such a setup. >> >> I think this is targeting cross-distro applications. With all the >> duplication of libraries, etc, a distro using it would be quite bulky. >> >> Also may you have a similar security as containers have, whereby when a >> vulnerability is found and patched in an application or library you end >> up with lots of people out there still running the vulnerable version. >> >> This is why distros tend to discourage "vendoring" of libraries as that >> tends to fossilise vulnerabilities into an application whereas if people >> use the version provided in the distro the maintainers only need to fix >> it in that one package and everyone who links against it benefits. >> >> All the best, >> Chris >> -- >> Chris Samuel : http://www.csamuel.org/ : Berkeley, CA, USA >> _______________________________________________ >> Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing >> To change your subscription (digest mode or unsubscribe) visit >> https://beowulf.org/cgi-bin/mailman/listinfo/beowulf >> >
_______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit https://beowulf.org/cgi-bin/mailman/listinfo/beowulf
